<?php

ob_start();
session_start();

require_once('auth.php');

$returnurl = isset($_REQUEST['returnurl']) ? $_REQUEST['returnurl'] : '';

$do = isset($_GET["do"])?$_GET["do"]:"";

$do = strtolower($do);

switch($do)
{
case "":
    if (checkLoggedin())
    {
        echo "<H1>You are already logged in - <A href = \"login.php?do=logout\">logout</A></h1>";
    }
    else
    {
        ?>
<!doctype html>
<html>
  <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">

    <title><?php echo $title?></title>
    <meta name="description" content="">

    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link rel="shortcut icon" href="favicon.ico">

    <link rel="stylesheet" type="text/css" href="./css/api.css"/>
    <link rel="stylesheet" type="text/css" href="./js/ext-3.4.0/resources/css/ext-all.css"/>
    <link rel="stylesheet" type="text/css" href="./js/OpenLayers-2.12-rc7/theme/default/google.css"/>

    <link rel="stylesheet" href="css/base-style.css">
    <link rel="stylesheet" href="css/site.css">
    <script src='js/jquery-1.5.1.min.js'></script>
    <script src='js/jquery.corner.js'></script>
    <!--[if lt IE 7 ]>
      <script src="js/dd_belatedpng.js"></script>
      <script>DD_belatedPNG.fix("img, .png_bg");</script>
    <![endif]-->
    <script src='js/misc.js'></script>
    <script src='js/clickHereLinks.js'></script>
  </head>
    <body>
    <div id="site">
<?php include_once('pages/header.php')?>
        <div id="content">
      <form id="form" NAME="login1" ACTION="login.php?do=login&returnurl=<?php echo urlencode($returnurl)?>" METHOD="POST">
        <input TYPE="hidden" name="returnurl" value="<?php echo urlencode($returnurl)?>">
<?php
  $failedLogin = '';
  if (array_key_exists('failedLogin',$_COOKIE) && $_COOKIE['failedLogin'] != '') {
    $failedLogin = 'Bad login.&nbsp;&nbsp;';
    setcookie("failedLogin");
  }
  $failedRegister = '';
  if (array_key_exists('failedRegister',$_COOKIE) && $_COOKIE['failedRegister'] != '') {
    $failedRegister = 'Bad registration.&nbsp;&nbsp;';
    setcookie("failedRegister");
  }
?>
  <div style="margin-left: 20px; padding-top: 50px;">
    <h1>Login</h1><br />
    Registered users, please provide your username and password below.<br>
    Then press the Login button.
    <table width=280 style="margin-top: 10px;">
      <tr><td>Username:</td><td align=right><input type="text" name="username" id="username" style="background-color: #c2e6f3; width: 200px;" /></td></tr>
      <tr><td>&nbsp;</td></tr>
      <tr><td>Password:</td><td align=right><input type="password" name="password" id="password" style="background-color: #c2e6f3; width: 200px;" /></td></tr>
      <tr><td colspan=2 align=right style="padding-top: 10px;"><?php echo $failedLogin?><input name="mode" type="submit" value="Login" style="color:white;background: #c2e6f3 url('images/blank_button.png') 0 0 no-repeat; width: 100px; height: 25px; border: none;" /></td></tr>
    </table><br />
    Not registered? Complete the username and password fields above plus the email field below.<br>
    Then press the Register button.
    <table width=280>
      <tr><td>Email:</td><td align=right><input type="text" name="email" id="email" style="background-color: #c2e6f3; width: 200px;" /></td></tr>
      <tr><td colspan=2 align=right style="padding-top: 10px;"><?php echo $failedRegister?> <input name="mode" type="submit" value="Register" style="color:white;background: #c2e6f3 url('images/blank_button.png') 0 0 no-repeat; width: 100px; height: 25px; border: none;" /></td></tr>
    </table>
  </div>
      </form>
</div>
<?php include_once('pages/footer.php')?>
    </div>
    </body>
</html>
    <?php
    }
    break;
case "login":
    $username = isset($_POST["username"])?$_POST["username"]:"";
    $password = isset($_POST["password"])?$_POST["password"]:"";
    $email = isset($_POST["email"])?$_POST["email"]:"";

    if ($_REQUEST['mode'] == 'Login' && ($username=="" || $password=="")) {
        clearsessionscookies();
        setcookie("failedLogin",'login');
        header("location: login.php?returnurl=$returnurl");
    }
    else if ($_REQUEST['mode'] == 'Register' && ($username=="" || $password=="" || $email == "" )) {
        clearsessionscookies();
        setcookie("failedRegister",true);
        header("location: login.php?returnurl=$returnurl");
    }
    else
    {
        if ($_REQUEST['mode'] == 'Login' && confirmUser($username,$password)) // As pointed out by asgard2005
        {
            createsessions($username,$password);
            if ($returnurl<>"")
                header("location: ".urldecode($returnurl));
            else
            {
                header("Location: .");
            }
        }
        else if ($_REQUEST['mode'] == 'Register' && confirmUserRegistration($username,$password,$email)) // As pointed out by asgard2005
        {
            createsessions($username,$password,$email);
            if ($returnurl<>"")
                header("location: ".urldecode($returnurl));
            else
            {
                header("Location: .");
            }
        }
        else
        {
            echo "<h1>Invalid Username and/Or password</h1>";
            header("location: login.php?returnurl=$returnurl");
        }
    }
    break;
case "logout":
    clearsessionscookies();
    if ($returnurl<>"")
        header("location: ".urldecode($returnurl));
    else
    {
        header("Location: .");
    }
    break;
}
?>
